<?php
# !!!!!!!!!! DON'T MAKE ANY CHANGE IF YOU DON'T KNOW WHAT YOU'RE DOING !!!!!!!!!!
// --------------------------------------------------------------------------------------------------------------
// File Name              :	orders.php
// Last Modification Time	:	2008-02-01 24:00
// Last Modified by       :	turker (turker.biz@gmail.com)
// list of modifications  :
//
//	- 2008-02-01 turker
//		* 24:00 file created.
//
// --------------------------------------------------------------------------------------------------------------
if (eregi("orders.php",$_SERVER['PHP_SELF'])) {
	header ("Location:../index.php");
	exit;
}

if (!isLogged()) {
	header ("Location:$SITE_URL/");
	exit;
}

?>
<!--div:icerik -->
    <div id="icerik">
      <p>
<?php
$user_id=getActiveUser('id');
$id=@(int)$_GET['id'];

if(isAdmin()) $user_id='';
else $user_id="and user_id='$user_id'";

//id, basket_ids, buy, buy_date, send, send_date, address, order_note, admin_note, user_id, total
$q=$mysql->query("select * from $ORDERS_TABLE where id='$id' $user_id");
if ($mysql->numRows($q)>0) {
  $read=$mysql->fetch($q);
  $ids=$read['basket_ids'];
  $buy=$read['buy'];
  $buy_date=$read['buy_date'];
  $send=$read['send'];
  $send_date=$read['send_date'];
  $address=$read['address'];
  $order_note=$read['order_note'];
  $admin_note=$read['admin_note'];
  $user_id=getActiveUser('id');

  if ($send==1) $send_date=strftime('%d %B %Y %A',$send_date);
  else $send_date=$_LANG['orders']['msg1'];

  $basket_id='';
  if (strstr($ids, '|')) {
    $ids=explode('|',$ids);
    foreach ($ids as $bid) $basket_id[]="$BASKET_TABLE.id='$bid'";
    $basket_id=implode(' or ',$basket_id);
  }
  else $basket_id="$BASKET_TABLE.id='$ids'";


  echo '<table cellpadding="2" cellspacing="0" width="100%">';
  echo '<tr><th align="center">'.$_LANG['general']['date'].'</th><th>'.$_LANG['basket']['item'].'</th><th align="center">'.$_LANG['basket']['piece'].'</th></tr>';

  $active="and $ITEM_PRICES_TABLE.active='1'";
  if (isAdmin()) $active='';
  if (!isAdmin()) $user_id="$BASKET_TABLE.user_id='$user_id' and";
  else $user_id='';

  $sql="select $BASKET_TABLE.id as bid,$BASKET_TABLE.date as bdate,$BASKET_TABLE.piece,$EXCHANGES_TABLE.name as ename,$EXCHANGES_TABLE.exchange,$ITEMS_TABLE.id,";
  $sql.="$ITEM_PRICES_TABLE.price,$ITEM_PRICES_TABLE.campaign,$ITEM_PRICES_TABLE.campaign_price,$ITEM_PRICES_TABLE.vat,$ITEMS_TABLE.item,$ITEMS_TABLE.name from ";
  $sql.="$BASKET_TABLE,$ITEM_PRICES_TABLE,$EXCHANGES_TABLE,$ITEMS_TABLE where $user_id $BASKET_TABLE.price_id=$ITEM_PRICES_TABLE.id and ";
  $sql.="$BASKET_TABLE.exchange_id=$EXCHANGES_TABLE.id and $ITEMS_TABLE.lang='$SITE_DEF_LANG' $active  and $BASKET_TABLE.ordered='1' and ";
  $sql.="$ITEM_PRICES_TABLE.item_id=$ITEMS_TABLE.id and $ITEM_PRICES_TABLE.exchange_id=$EXCHANGES_TABLE.id and ($basket_id) order by $BASKET_TABLE.date desc";

  $q=$mysql->query($sql);
  while ($read=$mysql->fetch($q)) {
  	$bid=$read['bid'];
  	$piece=$read['piece'];
  	$date=$read['bdate']; #*
  	$ename=$prep->html($read['ename']);
  	$exchange=$read['exchange'];
  	$price=$read['price']; #*
  	$campaign=$read['campaign']; #*
  	$campaign_price=$read['campaign_price']; #*
  	$vat=$read['vat'];
  	$item=$prep->html($read['item']); #*
  	$item_id=$read['id']; #*
  	$name=$read['name']; #*

  	$date=date('d/m/y H:i',$date);
  	if ($campaign_price>0&&$campaign) $price=$campaign_price;
    $item_link='<a href="index.php?page=item&id='.$item_id.'" onclick="top.location=this.href">'.$item.'</a>';
    if ($SITE_SEO) $item_link='<a href="'.$SITE_URL.'/item/'.$name.'" onclick="top.location=this.href">'.$item.'</a>';

    $price=round($price*$exchange,2);
    $vat=round($price*$piece*$vat/100,2);
    $total=round($price*$piece+$vat,2);
    $global_total+=$total;

  	echo <<<html
  	<tr id="$bid">
      <td align="center">$date</td>
      <td>$item_link</td>
      <td align="center">$piece</td>
  	</tr>
html;
  }
  //echo '<tr><td colspan="3" align="right">Genel Toplam</td><td align="right">'.$global_total.' YTL</td></tr>';
  echo '</table>';
}
else echo $_LANG['errors']['error4'];
?>
      </p>
    </div>
<!--//div:icerik -->